Lisex
0.0 development contributions were the following ones:
-
Team
training and learning
-
Fine
tune of techniques and tools applied (Coq, functional testing
based on formal specifications, etc.)
-
Deep
understanding of the MLS mechanism and its fundamentals
The last point
deserves special attention. MLS advantages are as known as their
disadvantages. Multi-level security is perhaps the only one model
powerful enough as to present an adequate level of resistance to
confidentiality attacks performed by Trojan horses. However, standard
implementations have one or two defects: either they loose compatibility
with applications software or it is cumbersome (or even impossible)
to do standard system tasks due to the restrictions enforced by
the system. Any of these features render MLS systems as a commercial
option.
We had the
chance to experiment with Lisex security model and prototype. This allowed us to
uncover most of the conceptual causes that make traditional MLS
implementations unsatisfactory. Moreover, a solution has been developed
for each of these problems. These solutions will be the basis of
GIDIS Trusted Linux. Hence, GIDIS Trusted Linux will feature all
advantages of MLS systems but none of their disadvantages at a reasonable
performance cost.
|